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IN THE CLAIMS 
Please amend claims 1-2, 4-8 and 12 as indicated below. 
This listing of claims will replace all prior versions, and listings, of claims in 
the application. 

Listing of Claims; 

Claim 1 (currently amended) A computer program product for implementing 
electronic commerce systems, each electronic commerce system comprising a web 
site being accessible by one or more users and comprising a set of on-line stores and a 
set of organizations, each of the said on-line stores being associated with one of the 
set of organizations, the computer program product comprising a computer usable 
medium having computer readable program code m e ans embodied in said medium, 
and comprising: 

computer readable program code m e ans for representing the users, each user 
being associated with a unique identity in the system; 

computer readable program code m e ans for associating a user identity with 
one of a set of access roles for a security domain, the access role defining access 
privileges for the user corresponding to the user identity, the security domain 
comprising a subset of the set of organizations and the on-line stores associated with 
the organizations in the subset; and 

computer readable program code means for granting or denying access to a 
user attempting to access a portion of the web site by determining the user identity for 
the user and determining the access role associated with the user identity for the 
security domain corresponding to the portion of the web site subject to the access 
attempt. 

Claim 2 (currently amended) The computer program product of claim 1 further 
comprising computer readable program code means for carrying out the 
determination of the access role associated with a user identity for a security domain 
at user logon time. 
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Claim 3 (original) The computer program product of claim 1 in which the set of 
access roles comprises registered customer and administrator roles. 

Claim 4 (currently amended) The computer program product of claim 1, further 
comprising: 

computer readable program code means to define the set of organizations as a 
tree structure, in which the computer readable program code means for associating a 
user identity with one of a set of access roles further comprises computer readable 
program code m e ans for associating the user identity with the access role for a 
selected one of the set of organizations; and 

computer readable program code means for defining the security domain to 
include the selected organization and those organizations in the set that are 
descendants of the selected organization. 

Claim 5 (currently amended) The computer program product of claim 2, further 
comprising: 

computer readable program code m e ans to define the set of organizations as a 
tree structure, in which the computer readable program code m e an s for associating a 
user identity with one of a set of access roles further comprises computer readable 
program code m e ans for associating the user identity with the access role for a 
selected one of the set of organizations; and 

computer readable program code means for defining the security domain to 
include the selected organization and those organizations in the set that are 
descendants of the selected organization. 

Claim 6 (currently amended) The computer program product of claim 3, further 
comprising: 

computer readable program code m e ans to define the set of organizations as a 
tree structure, in which the computer readable program code m e ans for associating a 
user identity with one of a set of access roles further comprises computer readable 
program code m e an s for associating the user identity with the access role for a 
selected one of the set of organizations; and 
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and further comprising computer readable program code means for defining 
the security domain to include the selected organization and those organizations in the 
set that are descendants of the selected organization. 

Claim 7 (currently amended) The computer program product of claim 4 in which the 
computer readable program code means for associating a user identity with one of a 
set of accessible roles comprises computer readable program code means for 
maintaining and providing look up functionality for a table comprising rows 
comprising data representing user identity, organization, access role associations. 

Claim 8 (currently amended) The computer program product of claim 1, further 
comprising computer readable program code means for providing user identities with 
associated access roles at user registration to the web site. 

Claim 9 (original) A system for implementing electronic commerce systems, each 
electronic commerce system comprising a web site being accessible by one or more 
users and comprising a set of on-line stores and a set of organizations, each of the 
said on-line stores being associated with one of the set of organizations, the system 
comprising: 

means for representing the users, each user being associated with a unique 
identity in the system; 

means for associating a user identity with one of a set of access roles for a 
security domain, the access role defining access privileges for the user corresponding 
to the user identity, the security domain comprising a subset of the set of 
organizations and the on-line stores associated with the organizations in the subset; 
and 

means for granting or denying access to a user attempting to access a portion 
of the web site by determining the user identity for the user and determining the 
access role associated with the user identity for the security domain corresponding to 
the portion of the web site subject to the access attempt. 
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Claim 10 (original) The system of claim 9 further comprising means for carrying out 
the determination of the access role associated with a user identity for a security 
domain at user logon time. 

Claim 1 1 (original) The system of claim 9 in which the set of access roles comprises 
registered customer and administrator roles. 

Claim 12 (currently amended) The system of claim 9, further comprising: 

means to define the set of organizations as a tree structure, in which the means 

for associating a user identity with one of a set of access roles further comprises 

means for associating the user identity with the access role for a selected one of the 

set of organizations; and 

means for defining the security domain to include the selected organization 

and those organizations in the set that are descendants of the selected organization. 

Claim 13 (original) The system of claim 10, further comprising: 

means to define the set of organizations as a tree structure, in which the means 
for associating a user identity with one of a set of access roles further comprises 
means for associating the user identity with the access role for a selected one of the 
set of organizations; and 

means for defining the security domain to include the selected organization 
and those organizations in the set that are descendants of the selected organization. 

Claim 14 (original) The system of claim 11, further comprising: 
means to define the set of organizations as a tree structure, 

in which the means for associating a user identity with one of a set of access roles 

further comprises means for associating the user identity with the access role for a 

selected one of the set of organizations; and 

means for defining the security domain to include the selected organization 

and those organizations in the set that are descendants of the selected organization. 

Claim 15 (original) The system of claim 12 in which the means for associating a user 
identity with one of a set of accessible roles comprises means for maintaining and 
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providing look up functionality for a table comprising rows comprising data 
representing user identity, organization, access role associations. 

Claim 16 (original) The system of claim 9, further comprising means for providing 
user identities with associated access roles at user registration to the web site. 

Claim 17 (original) A method for providing user access to a portion of a web site 
implemented by an electronic commerce system, the web site being accessible by one 
or more users and comprising a set of on-line stores and a set of organizations, each 
of the said on-line stores being associated with one of the set of organizations, the 
method comprising the steps of: 

associating each user with a unique identity in the system; 

associating a user identity with one of a set of access roles for a security 
domain, the access role defining access privileges for the user corresponding to the 
user identity, the security domain comprising a subset of the set of organizations and 
the on-line stores associated with the organizations in the subset; and 

granting or denying access to a user attempting to access a portion of the web 
site by determining the user identity for the user and determining the access role 
associated with the user identity for the security domain corresponding to the portion 
of the web site subject to the access attempt. 

Claim 18 (original) The method of claim 17 in which the step of carrying out the 
determination of the access role associated with a user identity for a security domain 
occurs at user logon time. 

Claim 19 (original) The method of claim 17 in which the set of access roles 
comprises registered customer and administrator roles. 

Claim 20 (original) The method of claim 17 in which the set of organizations is a tree 
structure, the step of associating a user identity with one of a set of access roles 
further comprises the step of associating the user identity with the access role for a 
selected one of the set of organizations, 
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the security domain includes the selected organization and those organizations 
in the set that are descendants of the selected organization, and 

the step of granting or denying access by determining the access role 
associated with the user identity for the security domain comprises determining the 
access role for the user identity by traversing the tree structure of organizations 
commencing at the selected organization and including the ancestor organizations to 
the selected organization. 

Claim 21 (original) The method of claim 18 in which 
the set of organizations is a tree structure, 

the step of associating a user identity with one of a set of access roles further 
comprises the step of associating the user identity with the access role for a selected 
one of the set of organizations, and 

the security domain includes the selected organization and those organizations 
in the set that are descendants of the selected organization. 

Claim 22 (original) The method of claim 19 in which 
the set of organizations is a tree structure, 

the step of associating a user identity with one of a set of access roles further 
comprises the step of associating the user identity with the access role for a selected 
one of the set of organizations, and 

the security domain includes the selected organization and those organizations 
in the set that are descendants of the selected organization. 

Claim 23 (original) The method of claim 20 in which the step of associating a user 
identity with one of a set of accessible roles comprises entering data in a table 
comprising rows comprising data representing user identity, organization, access role 
associations. 

Claim 24 (original) The method of claim 17 in which the step of providing user 
identities with associated access roles occurs at the time of user registration to the 
web site. 
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